How Do I Ensure the Security of Backend Services Invoked by APIG?
You can ensure the security of backend services invoked by APIG by using the following methods:
- Bind signature keys to APIs
After a signature key is bound to an API, APIG adds signature information to each request sent to the backend service. The backend service calculates the signature information in each request and checks whether the signature information is consistent with that on APIG.
- Encrypt requests using HTTPS
- Perform backend authentication
Enable security authentication for backend services of the desired APIs to process only API requests that carry correct authentication information.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.